CodeAnt AI home pagelight logodark logo
  • Dashboard
  • Dashboard
  • Documentation
  • Demo Call with CEO
  • Blog
  • Slack
    • Get Started
    • CodeAnt AI
    • Setup
    • Control Center
    • Pull Request Review
    • IDE
    • Compliance
    • Anti-Patterns
    • Code Governance
    • Infrastructure Security Database
    • Application Security Database
      • Apex
      • Bash
      • C
      • Clojure
      • Cpp
      • Csharp
      • Dockerfile
      • Elixir
      • Fingerprints
      • Generic
      • Go
      • Html
      • Java
      • Javascript
      • Json
      • Kotlin
      • Ocaml
      • Php
      • Problem-based-packs
      • Python
        • Airflow
        • Attr
        • Aws-lambda
        • Bokeh
        • Boto3
        • Cassandra
        • Click
        • Correctness
        • Couchbase
        • Cryptography
        • Distributed
        • Django
        • Docker
        • Elasticsearch
        • Fastapi
        • Flask
          • Ai
          • Best practice
          • Caching
          • Code
          • Correctness
          • Db
          • Debug
          • Deserialization
          • File
          • Flask-hardcoded-database-password-uri
          • Log
          • Maintainability
          • Net
          • Os
          • Regex
          • Security
          • Security
          • Web
            • Flask-cookie-app-config-httponly-false
            • Flask-cookie-app-config-samesite-none
            • Flask-cookie-app-config-secure-false
            • Flask-cookie-httponly-false
            • Flask-cookie-httponly-missing
            • Flask-cookie-samesite-missing
            • Flask-cookie-samesite-none
            • Flask-cookie-secure-false
            • Flask-cookie-secure-missing
            • Flask-login-session-protection-app-config-none
            • Flask-login-session-protection-none
            • Flask-talisman-cookie-secure-false
            • Flask-talisman-decorator-cookie-secure-false
              • Flask talisman decorator cookie secure false
            • Flask-wtf-csrf-check-default-false
          • Xml
        • Jinja2
        • Jwt
        • Lang
        • Ldap3
        • Mariadb
        • Mysql
        • Mysqlclient
        • Neo4j
        • Openai
        • Peewee
        • Pg8000
        • Psycopg2
        • Pycryptodome
        • Pyjwt
        • Pymongo
        • Pymssql
        • Pymysql
        • Pyramid
        • Redis
        • Requests
        • Sh
        • Sqlalchemy
        • Tormysql
        • Urllib3
        • Webrepl
        • Wtforms
      • Ruby
      • Rust
      • Scala
      • Solidity
      • Swift
      • Terraform
      • Typescript
      • Yaml
    Flask-talisman-decorator-cookie-secure-false

    Flask talisman decorator cookie secure false

    flask-talisman-decorator-cookie-secure-false

    Detected a cookie where the Secure flag is either missing or disabled. The Secure cookie flag instructs the browser to forbid sending the cookie over an insecure HTTP request. Set the Secure flag to true so the cookie will only be sent over HTTPS.
    Likelihood: LOW
    Confidence: HIGH
    CWE:
    - CWE-614: Sensitive Cookie in HTTPS Session Without ‘Secure’ Attribute
    OWASP:
    - A05:2021 - Security Misconfiguration

    Flask talisman cookie secure falseFlask wtf csrf check default false
    twitterlinkedin
    Powered by Mintlify
    Assistant
    Responses are generated using AI and may contain mistakes.